Unified_operations_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Unified_operations_manager
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	11

Date	Id	Summary	Products	Score	Patch	Annotated
2011-05-20	CVE-2011-0959	Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to...	Unified_operations_manager	N/A
2011-05-20	CVE-2011-0960	Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716.	Unified_operations_manager	N/A
2011-05-20	CVE-2011-0962	Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712.	Unified_operations_manager	N/A
2013-09-12	CVE-2013-5488	Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.	Prime_lan_management_solution, Security_manager, Unified_operations_manager, Unified_service_monitor	N/A
2013-07-23	CVE-2013-3440	Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186.	Unified_operations_manager	N/A
2013-07-23	CVE-2013-3439	Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182.	Unified_operations_manager	N/A
2013-07-23	CVE-2013-3437	SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179.	Unified_operations_manager	N/A
2013-07-10	CVE-2013-3416	Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.	Unified_operations_manager, Unified_service_monitor	N/A
2011-09-19	CVE-2011-2738	Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary...	Ciscoworks_lan_management_solution, Unified_operations_manager, Unified_service_monitor, Ionix_acm, Ionix_asam, Ionix_ip	N/A
2010-10-29	CVE-2010-3036	Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.	Ciscoworks_common_services, Ciscoworks_lan_management_solution, Qos_policy_manager, Security_manager, Telepresence_readiness_assessment_manager, Unified_operations_manager, Unified_service_monitor	N/A